<?php

$page = "password";

require 'require.php';
$mess=array();
$error=array();

if (isset($_SESSION['user_id'])) {
	header("Location: index.php");
	exit;
}

$link_server = mysql_connect(OPENIDOO_DB_SERVER, OPENIDOO_DB_USER, OPENIDOO_DB_PASSWORD);
$select_db = mysql_select_db(OPENIDOO_DB_DATABASE, $link_server);

if (isset($_POST['oipw_action']) && ($_POST['oipw_action'] == 'password') && ((isset($_POST['oipw_username']) && ($_POST['oipw_username']== '')) && (isset($_POST['oipw_email']) && ($_POST['oipw_email'] =='')))) {
$error[]= 'vide';
}


if (isset($_POST['oipw_action']) && ($_POST['oipw_action'] == 'password') && ((isset($_POST['oipw_username']) && ($_POST['oipw_username'])) or (isset($_POST['oipw_email']) && ($_POST['oipw_email'])))) {

	if (isset($_POST['oipw_username']) && ($_POST['oipw_username'])) {
		
		if(strlen($_POST['oipw_username']) <=3)
			$error[]= 'username';
		
		
		
		if ((!$link_server) or (!$select_db)) {
			die('Connection failed.');
		} else {

			if (!($password_username = mysql_query("SELECT username, password, email FROM openidoo_accounts WHERE username='".mysql_escape_string($_POST['oipw_username'])."' LIMIT 1", $link_server))) {
				die('Query failed.');
			} else {

				if (mysql_num_rows($password_username) > 0) {

					$mail_password_username = mysql_result($password_username, 0, 'username');
					$mail_password_password = mysql_result($password_username, 0, 'password');
					$mail_password_email = mysql_result($password_username, 0, 'email');

					$msg_date = date('Y-m-d H:i:s');
					if (isset($_SERVER['REMOTE_ADDR'])) $msg_ip = $_SERVER['REMOTE_ADDR']; else $msq_ip = '';
					$msg_login = $mail_password_username;
					$msg_password = $mail_password_password;
					$message = sprintf("OpenIDOO - Recover Password :\n\n- Date : %s\n- I.P. : %s\n- Login : %s\n- Mot de passe : %s", $msg_date, $msg_ip, $msg_login, $msg_password);
					$message = str_replace('\n', "\n", $message);
					$headers = 'Content-Type: text/plain; charset="utf-8"'."\n";
					$headers .= 'From: no-reply@'.OPENIDOO_DOMAIN."\n";

					if (!mail($mail_password_email, 'Recover password', $message, $headers)) {
						die('Mail failed');
					}else{
						$mess[] = "An email has been sent to you";
					}

				}else{
					$error[]= 'check_username';
				}

			}
		}

	} elseif (isset($_POST['oipw_email']) && ($_POST['oipw_email'])) {
	
		if ((!$link_server) or (!$select_db)) {
			die('Connection failed.');
		} else {

			if (!($password_email = mysql_query("SELECT username, password, email FROM openidoo_accounts WHERE email='".mysql_escape_string($_POST['oipw_email'])."' ORDER BY user_id DESC", $link_server))) {
				die('Query failed.');
			} else {
				if (mysql_num_rows($password_email) > 0 ) {
					if( mysql_num_rows($password_email) == 1){
						$mail_password_username = mysql_result($password_email, 0, 'username');
						$mail_password_password = mysql_result($password_email, 0, 'password');
						$mail_password_email = mysql_result($password_email, 0, 'email');
						$msg_date = date('Y-m-d H:i:s');
						if (isset($_SERVER['REMOTE_ADDR'])) $msg_ip = $_SERVER['REMOTE_ADDR']; else $msq_ip = '';
						$msg_login = $mail_password_username;
						$msg_password = $mail_password_password;
						$message = sprintf("OpenIDOO - Recover Password :\n\n- Date : %s\n- I.P. : %s\n- Login : %s\n- Mot de passe : %s", $msg_date, $msg_ip, $msg_login, $msg_password);
						$message = str_replace('\n', "\n", $message);
						$headers = 'Content-Type: text/plain; charset="utf-8"'."\n";
						$headers .= 'From: no-reply@'.OPENIDOO_DOMAIN."\n";
						if (!mail($mail_password_email, 'Recover password', $message, $headers)) {
							die('Mail failed');
						}else{
							$mess[] = "An email has been sent to you";
						}
					}else{
						$error[] = 'many';
					}
				}else{
					$error[] = 'mail';
				}

			}
		}

	}
}

require "html/top.html";
require "html/password.html";
require "html/bottom.html";

?>
